Ramblings from the creator of HomeSite, TopStyle, FeedDemon and Glassboard Android.

Wednesday, December 20, 2006

Desktop Software is Paralyzed by Fear

Despite the power and rich UI that desktop applications offer, it's obvious that the move to Web applications is accelerating. For many people, the ability to access their data through any browser clearly outweighs the benefits of desktop software.

However, if you get away from techie circles and speak with mainstream users, you'll find that many of them don't care about the ease of accessing their data. They only need to access their data from one location, so it makes no difference to them whether they can get their email at Starbucks. In fact, some of them don't even like the idea of their data being "out there somewhere."

Yet they're still moving to the Web.

Why is this? There are many reasons, but fear is a big one. Downloading and installing software is scary.

When you try to download something, you're presented with a security warning about how the software could potentially harm your computer. If you install the program despite this warning, your firewall often displays an intimidating dialog asking whether you really want to trust this application enough to let it talk to the outside world. It's a one-two punch that's driving away many would-be users of desktop software.

Sadly, I don't see any signs that this will dramatically change for the better, at least not in the Windows world. Despite the enormous graphical improvements and other advances in Windows Vista, downloading and installing software is still too scary for non-technical users.

It's great that Microsoft is concerned about security - given the past few years of spyware-ridden desktops, they have to make security their priority - but I sure wish they could make Windows secure without scaring away customers.

Comments

You can follow this conversation by subscribing to the comment feed for this post.

Actually, it is not just inexperienced users who hesitate to install programs on Windows. Many experienced users do too, because they know from painful experience that installing a new application can easily make their system start malfunctioning in strange and creative ways. In addition to this, they also know that it may be impossible to really remove the application.

This situation is partly the fault of Microsoft for making Windows the way it is and partly (possibly even more) the fault of the armies of lazy, slovenly programmers out there who think they can do anything they like on users' computers. They abuse the Windows Registry as their own private database, overwrite system DLLs with their own dubiously patched versions, patch the Windows kernel without asking for permission and almost never clean up after themselves when they leave -- i.e. their uninstallers leave an unholy mess of cruft throughout the system.

What these slobs do is the digital equivalent of breaking and entering and causing physical damage to property. The only reason we don't have lawsuits for this damage is because neither users nor the courts really understand what is happening here.

On the face of their behavior one would have to say that the majority of Windows programmers have no respect whatsoever for their users' property or home environment. It's as though a salesman were to come into your home, rearrange all your furniture without asking you (replacing some of it in the process), empty the ashtrays and all his own garbage onto your living room floor and then just leave.

Not only that, IE7 won't even let you download and install some programs, even after you've paid for them. I recently purchased an upgrade to Adobe Acrobat, and after shelling out $100 for my upgrade and going to the download page, IE7 simply threw up a message saying something like "For your protection, Internet Explorer has blocked this software from downloading to your computer." It gave me no options to bypass the warning and accept the download, no window above where I could accept an ActiveX control, nothing. Fortunately I also had Firefox on my machine and that worked, but what a headache!

Hi Nick, this fear you mention -- of letting strangers tap into your operating system -- is one of the driving factors behind the Adobe Apollo project. It provides a sandbox environment in which network applications can be safely and easily used.http://www.adobe.com/go/apollo

Production methods are HTML/JS/CSS or SWF. User experience parallels that of desktop apps (windowing, app name, system tray, etc). Platform support is recent Windows and Macintosh, with popular Linux distributions on the way.

(Brad, other people using IE7 can still install software... I've got to confess though that I haven't kept up-to-date on its latest security options and so can't offer tips on what might need to be changed in that configuration, sorry.)

Nick, you may be right about people moving to the web, given enough speed and bandwidth. The prime reason for this behavior, in my opinion, in addition to access from one location, is the fear of data loss, at least in applications that help create content, rather than readers or browsers. If there's one thing that is driving people to the web, it is the managed data on service provider's servers.

I understand your position as I am also a developer of desktop software, as well as the positions of the previous commenters. My question is, with all of the above, have you seen an increase in sales of your desktop software? If so, it means that (some) users are still willing to download software, given all of the potential risks, because of the advantages that desktop apps have over web apps.

To the Adobe poster above who's download failed, thats more-so Adobe's problem. They are using an antiquated download link in the auto-refresh tag of the web page (like too many download sites still too aka download.com)instead of a simple direct download a href link.

Every user I've talked to does not want their personal files online, even letters. Once you upload something to Google Docs, "they" can have a copy of it and access to it, whether you like it or not. Go back two posts and reread what everyone wants: POWER. And control is the ultimate power.

However, the motivation for Web 2.0 is not fear, but the almighty dollar. Selling you software that you can use forever (relatively) is not profitable. You yourself with newsgator initially put FeedDemon into a subscription license model. But "software as a service," where a user has to PAY to access their own data just like they have to pay for cable TV service, is what is driving companies toward the web.

Sadly, the browser isn't built for most tasks. But that doesn't seem to stop the inevitable march in that direction. Fortunately, Open Source has an entirely different course from megacorp, inc.

If more software were written for a managed platform (eg .NET or Java) I wouldn´t mind so much about installing them. Both platforms have a "good" uninstall-behaviour and could (within limits) provide a good sandbox for litte programms in which i´m sure they can´t interfer with other programms.

It´s quite sad that neither platform has any momentum for desktop apps.

Btw I just reinstalled my XP after 1,5 years, and I´m amazed at how much garbage I collected in that time. And i´m not even a big collector of shareware / freeware / trials etc...

I haven't looked at it recently, but having used some of these applications internally at Microsoft, they don't prompt the user at all before the app is launched under certain circumstances (the app doesn't need disk access, access to the registry, etc.) And when the app needs to do those things, it then prompts.

virtual machines is the new way to deploy software. If Microsoft were not that bunch of crooks, making it illegal in Home Vista to run a virtual machine, perhaps that would give an incentive to software vendors out there to start giving away ready-to-use virtual machines.

I doubt that web applications will make desktop apps obsolete. One reason are the limited features: Take Google Reader for example - where are smart folders? Where's - Google's speciality - the search?

Another reason are the governments of certain countries declaring a kind of war against their people and criminalizing internet users demanding more and more rights to get and process the users data for so-called risc profiles.

One more reason is the general lack in keeping private and sensitive data really private and secure. Think of AOL, etc...

I broke up with Google Reader, Gmail and a bunch of other services and moved back to desktop apps to do the job (better) again.

Nick: interesting thought, but I'm quite skeptical. As with some of the other commenters, I'd love to see some hard data. Also, remember that your software may not be very representative, e.g. compared to document creation and/or database software.

One huge downside of Web apps: the features and UI can change without notice. Some view that as a benefit: they get the latest and greatest without downloading. Others as a real drawback: they're forced to change how they work.

Also, I would guess the Mac is much different from Windows.

Chetan: have you seen surveys etc. on this? I think people tend to trust data on their own hard disk MORE than data in the cloud (regardless of which is statistically more reliable). Who knows whether the smaller companies are going to be around in the future, and even Google has (apparently) arbitrarily deleted email accounts and such. (I assume that's rare, but the fear is real.)

(Michael, true, consumers do need to make a trust decision on Adobe Systems. Once they do that, though, then any developer can play in that Apollo sandbox, without having to prove their trustworthiness to each individual audience member.)

"... a trust decision on Adobe Systems. Once they do that, though, then any developer can play in that Apollo sandbox, without having to prove their trustworthiness to each individual audience member."

So a user has no way of choosing to accept or decline individual Apollo apps on the basis of a publisher's identity? That can't be right, surely?

John, from a security standpoint, a 'trusted component' is one that can break your security.

What I meant was that if the Apollo environment is running as a maximally privileged process, an application which can subvert Apollo has no constraints on what it can do in the system.

Whereas if the Apollo environment has few system privileges, an application that subverts it cannot harm the system much.

So, I was asking whether (as I suspect) Apollo was running under windows maximally (or highly) priviliged, or whether Apollo installed as a relatively unprivileged application, such that, even if an application subverts Apollo, it won't have complete run of the user's system.

"So a user has no way of choosing to accept or decline individual Apollo apps on the basis of a publisher's identity? That can't be right, surely?"

You're right, that can't be right. ;-)

(The presence of a protective sandbox does not mean anyone can install HTML/JS or SWF interfaces without your consent. You definitely can choose whether you want a web application to run locally or not.)

Michael, I agree, if you can get evil code onto the system to subvert a native process, then that's bad, regardless of *which* applications or OS routines it targets. (Apollo itself will run HTML/JS and SWF, not OS-native code.)

John, so, assuming that neither the HTML/JS renderer (which ones are you using, BTW?) or the SWF environment have holes that allow OS-native code to be snuck onto the system, it should be reasonably safe.

That's a pretty big assumption though.

And that possibility would *still* be best ameliorated by making sure the Apollo environment was not itself running as a privileged process, which point you have not yet addressed.

So, I will ask again outright: Is the Apollo environment running as a maximally or minimally privileged process?

Nick, sorry to be hogging your entry here... folks, there are other places for Apollo info, and possible followup questions, too.

"Just-a-speck" (?), Macromedia Director used the catchphrase "author once play anywhere" before Java arrived in the browser, and what you know of clientside Java is in-the-browser work, and quite different.

Michael, you're using labels "maximally privileged" and "minimally privileged" which would need to be nailed down before any answer could be possible, but the Apollo runtime does seem to be built with native OS code (with all the implications this implies), even though the Apollo runtime itself will accept instructions in HTML/JS and SWF.